摘要： 支持向量的数量越大，基于SVM的网络入侵检测系统速度越慢。针对该问题提出一种新的SVM约简方法，在特征空间中对支持向量进行聚类，寻找聚类质心在输入空间中的原像，将其作为约简向量，以实现支持向量削减目的。实验结果证明，该方法能提高SVM入侵检测引擎的速度，增强入侵检测系统的实时响应能力。

关键词: 入侵检测, 支持向量机, 核聚类, 原像

Abstract: The larger the number of support vectors is, the slower the detection speed of network intrusion detection system based on SVM is. Aiming at this problem, a novel method to simplify SVM is presented. The support vectors are organized in clusters in the feature space. For each cluster centroid, it finds the pre-image in input space and adopts it as a reduced vector to compress the number of support vectors. Experimental results show that this method can improve detection speed of SVM engine and enhance the real-time response capability of intrusion detection system.

Key words: intrusion detection, Support Vector Machine(SVM), kernel-based clustering, pre-image

中图分类号: 

• TP393.08